IETF Logo Mail Archive

Re: [saag] [Cfrg] RFC analyzing IETF use of hash functions [was: Re: Further MD5 breaks: Creating a rogue CA certificate]

David McGrew <mcgrew@cisco.com> Wed, 07 January 2009 23:26 UTC

Return-Path: <saag-bounces@ietf.org>
X-Original-To: saag-archive@ietf.org
Delivered-To: ietfarch-saag-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 79A873A689F; Wed, 7 Jan 2009 15:26:41 -0800 (PST)
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A79273A689F for <saag@core3.amsl.com>; Wed, 7 Jan 2009 15:26:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.549
X-Spam-Level:
X-Spam-Status: No, score=-6.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7gBEbUARJpXb for <saag@core3.amsl.com>; Wed, 7 Jan 2009 15:26:39 -0800 (PST)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by core3.amsl.com (Postfix) with ESMTP id E34DF3A682D for <saag@ietf.org>; Wed, 7 Jan 2009 15:26:39 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.37,228,1231113600"; d="scan'208";a="127325342"
Received: from sj-dkim-8.cisco.com ([171.68.10.93]) by sj-iport-3.cisco.com with ESMTP; 07 Jan 2009 23:26:26 +0000
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-8.cisco.com (8.12.11/8.12.11) with ESMTP id n07NQQ5B031436; Wed, 7 Jan 2009 15:26:26 -0800
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-5.cisco.com (8.13.8/8.13.8) with ESMTP id n07NQQBo020646; Wed, 7 Jan 2009 23:26:26 GMT
Received: from xfe-sjc-212.amer.cisco.com ([171.70.151.187]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 7 Jan 2009 15:26:26 -0800
Received: from stealth-10-32-254-212.cisco.com ([10.32.254.212]) by xfe-sjc-212.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 7 Jan 2009 15:26:26 -0800
Message-Id: <6FD97BCF-12BD-4A70-BAD2-E38549051882@cisco.com>
From: David McGrew <mcgrew@cisco.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <p06240813c58843633ee5@[10.20.30.158]>
Mime-Version: 1.0 (Apple Message framework v929.2)
Date: Wed, 07 Jan 2009 15:26:24 -0800
References: <E1LHplH-0006Xw-V6@wintermute01.cs.auckland.ac.nz> <7E552E3F-C85A-4F0E-AC3E-879720A1E55F@extremenetworks.com> <21E69071-3D71-4882-94DF-80163CE7BEC9@cisco.com> <p06240813c58843633ee5@[10.20.30.158]>
X-Mailer: Apple Mail (2.929.2)
X-OriginalArrivalTime: 07 Jan 2009 23:26:26.0425 (UTC) FILETIME=[5C5C5690:01C9711F]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=781; t=1231370787; x=1232234787; c=relaxed/simple; s=sjdkim8002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mcgrew@cisco.com; z=From:=20David=20McGrew=20<mcgrew@cisco.com> |Subject:=20Re=3A=20[Cfrg]=20RFC=20analyzing=20IETF=20use=2 0of=20hash=20functions=20[was=3A=20Re=3A=20[saag]=20=09Furth er=20MD5=20breaks=3A=20Creating=20a=20rogue=20CA=20certifica te] |Sender:=20; bh=hlrxnczxwngI/mP3c4OFjBJzuqDhczjvWbjx68p6fE8=; b=nuEt1veRazv//4c/c+WSZc2JVIgHms5zR7It5g6ix2RoX47XD8kkiFv4Jl tejfTIK7ZqoZS2u+azc+yv78UElmVbvzfCc4HmwvWAnUMJeK/xnmeHA+hshC YWI9vFhePX;
Authentication-Results: sj-dkim-8; header.From=mcgrew@cisco.com; dkim=pass ( sig from cisco.com/sjdkim8002 verified; );
Cc: RJ Atkinson <rja@extremenetworks.com>, cfrg@irtf.org, saag@ietf.org
Subject: Re: [saag] [Cfrg] RFC analyzing IETF use of hash functions [was: Re: Further MD5 breaks: Creating a rogue CA certificate]
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: saag-bounces@ietf.org
Errors-To: saag-bounces@ietf.org

Hi Paul,

thanks for volunteering.  For a CFRG doc it would be good to point out  
how existing standards can benefit from newer research results, and  
what open problems could be addressed with future research.

David

On Jan 5, 2009, at 3:09 PM, Paul Hoffman wrote:

> At 2:50 PM -0800 1/5/09, David McGrew wrote:
>> I think it is a great idea to document the IETF applications/uses  
>> of hashing, and the attacks against particular uses of hashing.  It  
>> would make a great CFRG informational RFC, if we can find  
>> volunteers to contribute to and edit it.  I offer to review it.
>
> I will volunteer to update RFC 4270, and I assume that Bruce  
> Schneier would be willing to still be my co-author.
>
> --Paul Hoffman, Director
> --VPN Consortium

_______________________________________________
saag mailing list
saag@ietf.org
https://www.ietf.org/mailman/listinfo/saag

v2.23.0 | Report a Bug | By Email